Class-based policing and CAR question

BennyLavaBennyLava MemberMember Posts: 60 ■■□□□□□□□□
Let's say you want to police all traffic from Class A to 64,000 bps and Class B to 64,000 bps, and that you want to police the combined traffic being sent out an interface to 96,000 bps. I tried this with CAR using the following config:
access-list 100 permit <Class A match criteria>
access-list 101 permit <Class B match criteria>

interface Serial0/0
 rate-limit output access-group 100 64000 8000 8000 conform-action continue exceed-action drop
 rate-limit output access-group 101 64000 8000 8000 conform-action continue exceed-action drop
 rate-limit output 96000 12000 12000 conform-action transmit exceed-action drop

and it worked as I wanted it to, but when I tried the following config:
policy-map child
 class ClassA
   police cir 64000 bc 8000
     conform-action transmit 
     exceed-action drop 
 class ClassB
   police cir 64000 bc 8000
     conform-action transmit 
     exceed-action drop 

policy-map parent
 class class-default
   police 96000 bc 12000 conform-action transmit  exceed-action drop 
   service-policy child


interface Serial0/0
 service-policy output parent

I found that the policing on the parent takes place first, so if Class A generates a large amount of traffic, the parent policy ends up policing most of Class B's traffic before it is checked by the child policy and only a little over 64,000 bps total is actually sent out of the interface. Is there any way of achieving the same result that I did with CAR in this example using class-based policing?

Comments

  • networker050184networker050184 Went to the dark side.... Mod Posts: 11,962 Mod
    You best bet would probably be to shape on the parent policy and then police in the child. Although I don't see why the current config would have not allowed you to go over 64000 combined.
    An expert is a man who has made all the mistakes which can be made.
  • BennyLavaBennyLava Member Member Posts: 60 ■■□□□□□□□□
    You best bet would probably be to shape on the parent policy and then police in the child. Although I don't see why the current config would have not allowed you to go over 64000 combined.

    It can allow over 64000, but it depends on the situation. If Class A is sending way more traffic than the policing rate, say 900k, and Class B is sending 60k for a total of 960k, about 9/10 of the traffic will be policed by the parent policy without preference for whether it's Class A traffic or Class B traffic. So, on average about 90k of Class A and 6k of Class B are allowed by the parent policy and compared with the child policy. Class A is policed from 90k to 64k by the child policy and Class B is left alone, so only about 70k total of traffic ends up getting sent. I'm not sure if there's a different way of configuring this with class-based policing that would prevent this from happening. I'm just trying to thinkof situations where CAR might be useful instead of class-based policing.
Sign In or Register to comment.